From bf5e4f554e5191a5af80540fb692658d181ed484 Mon Sep 17 00:00:00 2001 From: hippoz <10706925-hippoz@users.noreply.gitlab.com> Date: Thu, 14 Apr 2022 21:32:52 +0300 Subject: [PATCH] backend/gateway: enforce `d` field to be a single numeric `0` for ping payloads --- src/gateway/index.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/gateway/index.ts b/src/gateway/index.ts index c3e5a5e..fcc1c3f 100644 --- a/src/gateway/index.ts +++ b/src/gateway/index.ts @@ -216,7 +216,11 @@ export default function(server: Server) { break; } case GatewayPayloadType.Ping: { - // TODO: also check session here and ensure packet is sent at the right time + if (payload.d !== 0) { + return closeWithBadPayload(ws, "d: expected numeric '0'"); + } + + // TODO: also check session here ws.state.alive = true; break; }